Your internet experience is personalized. Google, Facebook, LinkedIn, and thousands of applications provide personalized services based on who and what you are. On the other hand, most defenses are perimeter-based, universal, and not ‘personalized’ for the device. These defenses are largely built to defend against every threat, even though this perimeter method of security is dated and increasingly ineffective in today’s complex hybrid networks.

Today most malware, malworms, and ransomware have no discretion and will compromise anything they can. They penetrate the security perimeters using phishing emails or by exploiting other security vulnerabilities. Once inside, they launch advanced lateral attacks, such as exploiting an exposed SMB port, and evade internal firewalls, IPS, anti-malware, sandboxes, and DPI to find and compromise all insecure devices.

This is particularly disconcerting in healthcare, where financially motivated attacks, such as the WannaCry ransomware cryptoworm, can go beyond extracting multi-million dollar ransoms and imperil people’s lives. For example, WannaCry breached hospitals and businesses in 150 countries in its first day, and in England alone caused 16 hospitals to close and halted critical services such as urgent care, stroke centers, and surgeries.

Google realized the importance of personalized protection to defend these insecure devices years ago and is playing a lead role in implementing its BeyondCorp zero-trust security for its workers by shifting control from the perimeter to the device. This is evidence that the concept is not a fad but will fundamentally change the way companies and people secure their personal devices.

However, defending IoT devices is far more complicated than defending mobile devices (iOS and Android), due to dramatic variations in new and old hardware, OS, firmware, and application types and their modifications, and the fact that universal client solutions won’t work on most IoT devices. While zero-trust can be effective in an all-cloud environment, it is not at this time a corporate or healthcare security panacea for operations with hybrid networks, applications, processing, and IoT.

Perimeter Security Days Are Numbered, and New Thinking Is Needed

The unfortunate success of WannaCry is a warning that today’s perimeter security is fragile and exposes insecure IoT devices to threats. This is true for many reasons. First, IoT by its nature must be conversational with a complex assortment of local and remote devices and back-end systems that’s hard to map, so it is extremely difficult to isolate without disrupting its operation.

Second, many IoT devices, especially in healthcare, use old versions of software with known vulnerabilities that cannot be upgraded or replaced. Third, virtually all operations mix devices such as laptops, with unpublished zero-day vulnerabilities, on the same network as IoT, so when a new malware type bypasses the perimeter, these devices become launch pads for IoT breaches. Therefore, the traditional perimeter methods to secure systems, such as firewalls, SIEM, network segmentation and software patching, won’t work for IoT. Without fundamentally new thinking and an innovative security approach, companies will be increasingly compromised as threats continue to exploit the numerous and unpublished vulnerabilities in the systems they are using today.

AI-Powered Personalized Protection Is the New Wave in Network Security

Today, personas are used for directing data for search and advertising, but the same concept can be applied to defense. Imagine an AI-powered defense that learns about each person and device, including its applications, exactly what it is, who it should talk to, and how it behaves. Then it creates and enforces a personalized defense and monitors behaviors to detect changes that indicate compromise. It can take immediate action to halt threats. And it does this without touching the device or requiring more boxes, VMs, or bumps in the wire.

This defense is available today from CloudPost Networks. It is the AI foundation for a proactive defense that implements protection using microsegmentation, a granular, network-based protection capability, most commonly found in data centers, that uses software-defined policies to protect explicit workloads. CloudPost’s AI-powered policy creation allows companies to effectively expand microsegmentation across the entire network to provide personalized protection for each IoT device and its conversation associates, so effective IoT defenses are in operation before a business or hospital is attacked.

As a result, when personalized protection is utilized and the next WannaCry, or any variant, bypasses the security perimeter via phishing or an insecure network device, it will be ineffective against IoT as all devices and their associates are protected by microsegmentation policy. If this cryptoworm manages to compromise any system in an IoT device’s conversation map, abnormal behaviors will be immediately detected and blocked while CloudPost AI learns about and modifies each device’s personalized IoT protection.
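
The per-device allow-list idea described above can be sketched in a few lines. This is an added illustration, not CloudPost's code or algorithm: it learns each device's conversation map from constructed flow records and applies default-deny to later flows. All device names, ports, and function names are assumptions.

```python
from collections import defaultdict

# Constructed sample flows (src, dst, dst_port) seen during a learning window.
LEARNING_FLOWS = [
    ("infusion-pump-01", "pump-server", 8443),
    ("infusion-pump-01", "ntp-server", 123),
    ("nurse-laptop-07", "ehr-server", 443),
    ("mri-scanner-02", "pacs-server", 104),
]

# Constructed flows seen after the policy is in force.
NEW_FLOWS = [
    ("infusion-pump-01", "pump-server", 8443),   # normal traffic
    ("nurse-laptop-07", "infusion-pump-01", 445),  # lateral SMB attempt
    ("infusion-pump-01", "pump-server", 445),    # known peer, unexpected port
    ("unmanaged-device", "ehr-server", 443),     # device with no profile
]

def learn_policy(flows):
    """Build the conversation map: device -> set of allowed (peer, port)."""
    policy = defaultdict(set)
    for src, dst, port in flows:
        policy[src].add((dst, port))
    return dict(policy)

def evaluate(policy, flow):
    """Default-deny check of one flow; returns (verdict, reason)."""
    src, dst, port = flow
    allowed = policy.get(src)
    if allowed is None:
        return "block", "no learned profile for source device"
    if (dst, port) in allowed:
        return "allow", "matches conversation map"
    if any(peer == dst for peer, _ in allowed):
        return "block", f"known peer but unexpected port {port}"
    return "block", f"peer {dst} not in conversation map"

def audit(policy, flows):
    """Return every blocked flow with the reason it was blocked."""
    results = ((flow, evaluate(policy, flow)) for flow in flows)
    return [(flow, reason) for flow, (verdict, reason) in results
            if verdict == "block"]

if __name__ == "__main__":
    for flow, reason in audit(learn_policy(LEARNING_FLOWS), NEW_FLOWS):
        print(flow, "->", reason)
```

The learning window must itself be free of malicious traffic, since anything observed during it becomes part of the allow-list.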

Research and evaluate the AI-powered personalized protection solution from CloudPost. Understand how it discovers, protects, and continues to improve the security of each IoT device with personalized policies and protection.